Описание
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.1 (исключая)
Одно из
cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.48417
Средний
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-434
Связанные уязвимости
github
больше 3 лет назад
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
EPSS
Процентиль: 98%
0.48417
Средний
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-434